Bugtraq | Mailing Lists | Library

WARNING
Trojan horse disguised as message from SecurityFocus and TrendMicro
by SecurityFocus
An e-mail message claiming to come from the SecurityFocus ARIS Analyst Team and TrendMicro is being used to deliver what appears to be a Trojan horse to unsuspecting users.

Do not run this attachment. These messages do not come from TrendMicro or SecurityFocus, as a quick check of the headers will reveal.

The e-mail message comes with an executable attachment named FIX_NIMDA.exe. The name is similar to the one used by TrendMicro for their free Nimda removal tool (FIX_NIMDA.com).

Last night, SecurityFocus sent e-mails to its global distribution list to alert users of the fakery. Below is a link to an example of the false e-mail, as well as the recommended patch.

SecurityFocus will never send executable attachments claiming to be a fix to any worm or vulnerability. If you have received a similar message we would like to hear from you.

Common sense and best practices indicates that you should not execute any code that is delivered via email unless you can authenticate the source of the message.

A link to the message is given in the Incidents Mailing List Archive:
http://www.securityfocus.com/archive/75/217456

Thanks for your time,

Elias Levy
CTO SecurityFocus
aleph1@securityfocus.com



INFOCUS
In Basics:
Introduction to Security Policies, Part Three: Structuring Security Policies
by Charl van der Walt
This is the third in a four-part overview of security policies. In the first article, we looked at what policies are and what they can achieve. In the second article, we looked at the organizational support required to implement security policies successfully. In this installment, we shall discuss how to develop and structure a security policy.

Unix:   An Introduction OpenSSL, Part Four: The SSL and TLS Protocols
Incidents:   How to Design a Useful Incident Response Policy


NEWS
Zero-Knowledge to Close Anonymity Service
By Will Rodger
Oct 4 2001 3:49PM PT
Sophisticated privacy network enjoyed cypherpunk street cred, but few customers.
 
House Panel Approves Expanded Surveillance Powers
By David McGuire, Newsbytes
Oct 3 2001 11:48PM PT
Anti-terror PATRIOT Act clears Judiciary Committee in unanimous vote.
 
Alternative Anti-terror bill limits life sentence for hackers
A Battle-Ready Net?
Lawmaker Sounds Computer Security Warning
Hackers face life imprisonment under 'Anti-Terrorism' Act


VULNERABILITIES
Progress Database JvmStart Format String Vulnerability
Progress Database Multiple Buffer Overflow Vulnerability
Symantec Norton Antivirus LiveUpdate Host Verification Vulnerability


ADVISORIES
Internet Security Systems ISS-098: Multi-Vendor Format String Vulnerability in ToolTalk Service
Hewlett-Packard HPSBUX0110-170: Sec. Vulnerability in OV NNM
Hewlett-Packard HPSBUX0110-169: Sec. Vulnerability in rpcbind
   COLUMNISTS
Does IIS Have a Future?
by Tim Mullen
The Gartner Group recommends dumping Microsoft's web server software for 'alternatives.' What are they smoking?

Front Page
Break the Scarfo silence
Basics
What September 11th May Mean to Netizens
Unix
The crypto genie is out of the bottle
Virus
Nimda: a flash in the pan

   ON THE AIR
IFR - 10/01/01
 Info.sec.radio broadcast October 1, 2001.
   GUEST FEATURE
Realizing Electronic Notaries

   CALENDAR
3rd International SANE Conference
Linux.conf.au 2002

   TOOLS
libsmbpw v1.3
GPG Keys v0.2.0


OFFSITE
Products
Services
Links
Elsewhere



Privacy Statement
Copyright © 1999-2001 SecurityFocus